Another zero-day vulnerability tracked as CVE-2025-13223 has been discovered to affect Google Chrome and Chromium web browsers on Windows, macOS, and Linux endpoints. It follows the earlier disclosure of CVE-2025-464, which also affects these web browsers. This is a high-severity flaw with a CVSS score of 8.8 reported to be actively exploited in the wild.  […]

Funklocker ransomware is a recently observed threat attributed to the FunkSec group, primarily targeting Windows environments. It is known for using AI-assisted code generation to produce new variants, which makes traditional signature-based defenses less effective. Funklocker ransomware uses living-off-the-land (LOTL) techniques by blending malicious activity with legitimate system functions to evade detection. This includes running […]

Snowflake is a fully managed, cloud-native data warehouse designed to handle structured and semi-structured data at massive scale. It separates storage from compute, allowing organizations to independently scale workloads such as data ingestion, analytics, machine learning, and reporting. It is a high-value target for attackers because it often centralizes critical business data such as financial […]

IT Hygiene is the practice of maintaining clean, consistent, and secure endpoint configurations across your infrastructure. Every endpoint in your environment is a potential entry point for attackers. A forgotten user account, an outdated package, a rogue service, or an unapproved browser extension can silently expose your organization to risk. Consistent visibility and control over […]

The Wazuh agent is a component of the Wazuh SIEM and XDR solution that protects monitored endpoints such as servers, laptops, and virtual machines. Deploying Wazuh agents in containerized endpoints orchestrated by Kubernetes requires a more resilient deployment strategy. In containerized environments where workloads are ephemeral and dynamic, maintaining a persistent identity and configuration for […]

Maranhão Stealer is a Node.js-based infostealer delivered through pirated software and trojanized video game installers. Threat actors lure victims with cracked or modified game launchers that secretly install the malware on Windows systems. Once installed, Maranhão Stealer harvests sensitive data, such as browser credentials, cookies, cryptocurrency wallets, and other valuable information.  The malware targets common […]

Gunra ransomware is a recently identified threat that has been observed targeting Windows endpoints across multiple industries worldwide, including manufacturing and energy sectors. Known for its encryption capabilities and exfiltration tactics, the ransomware follows a double-extortion model, encrypting victim data while simultaneously threatening to leak stolen information on its Tor-hosted leak site. Gunra’s malicious behavior […]

Security observability allows security teams to gain comprehensive visibility into the security posture of systems, applications, and networks by collecting and analyzing telemetry from various sources. These data sources, including logs, metrics, and traces, provide deep insights into diagnosing system issues and investigating security incidents. They also help to detect and respond to potential threats […]

Koske malware is a new, trending malware that Aqua Nautilus first identified in July 2025. It is believed to be an AI-generated malware designed for cryptocurrency mining operations on Linux endpoints. The structure and characteristics of its code suggest that it may have been developed using large language models (LLMs) or automation frameworks. Koske is […]

Network security focuses on ensuring the integrity, confidentiality, and availability of computer networks and data by preventing unauthorized access, misuse, or disruption. Continuous network monitoring provides visibility into network activity, enabling organizations to detect issues, optimize performance, and identify potential threats before they escalate into serious incidents. Wazuh is an open source SIEM/XDR platform that […]

Admin By Request (ABR) is a Privilege Access Management (PAM) tool designed for managing local administrator privileges. Granting permanent administrator rights can expose organizations to malware, privilege misuse, and compliance risks. Admin By Request addresses this by allowing users to request temporary, audited admin access when needed, eliminating the need for permanent local administrator rights. […]

Defense evasion techniques are methods that threat actors use to conceal their presence, bypass security mechanisms, and operate undetected on compromised systems. By evading detection, adversaries can maintain persistence and continue malicious activity even during active monitoring or security scans. Common defense evasion methods include disabling or uninstalling security tools, tampering with event logs, obfuscating […]